The views of one man on security, privacy and anything else that catches his attention. The views expressed on this blog do not reflect the views of my employer or anyone other than myself.

I’m back from the far reaches of Canada (Montreal), and I’ve almost recovered from the 20+ hours of flying in the last 10 days and other things I picked up along the way. My mind says I could still use another 6-8 hours of sleep, but my body and my kids don’t quite agree with it. So instead I’m up early playing my MMORPG, reading my Twitter stream and blogging. Sounds like a pretty typical Saturday morning to me. Except I’m heading down to SF in a couple of hours to record more video discussions with several other security professionals, some face to face, some via the miracles of the Internet. I’ve already professed to the group that I’m the least likely to be considered an ‘expert’ in most of the subjects we’ll be talking about, but that’s never stopped me from voicing an opinion before, so why let it start now?

Saturday morning reading:

Just a little forewarning: There’s some big news coming to the Security Blogger Meetup page in the next couple of days. I can’t tell you more until I get permission, but keep an eye out on the page and your email if you’re a security blogger, podcaster or writer.

Wave Bubble: Build your own self-tuning RF jammer. Which is probably illegal in several states, especially if you use it against cell phones. But hey, it’d be worth taking in the theater with you to block those annoying jerks in the row behind you who insist on taking calls in the middle of the show. Thanks to John McCash for showing me this one.

I found out this week that the CEO of my ISP blogs and twitters, and is now following me. Sonic.net is one of, if not the, biggest privately owned ISPs in the US. After the holidays are over, I’m hoping to get an interview with him and several of his engineers to discuss the security concerns of running a large ISP.

‘Dirty Dozen’ of vulnerable apps – I’m not sure if this is a valid list or just another attempt to garner attention, but I’m putting it in my reading list to figure out later.

Review of “Schneier on Security” – I like Bruce Schneier, but I’ve most likely read almost every article in this book when it originally came out. So why would I spend money to read them again in paper form? YMMV.

I saved the stupidest for last: The McCain campaign was selling off some of the equipment they no longer needed and forgot to wipe the memory of their Blackberries. There were a number of private politician phone numbers still on the phones, even some emails and text messages. And there’s a call out to see if other people who bought the stuff found sensitive information as well. Who needs to hack your email account when you’ll just sell it for $20?